CORS (Сross-Origin Resource Sharing)

Cross-Origin Resource Sharing (CORS) is a security protocol that allows web applications to securely access resources of other origin. This is possible by using additional HTTP headers to grant the browser permission to access these resources.

CORS Stages

Preliminary request. Before the main request, the browser sends a preflight research request to the server via the HTTP OPTIONS method. Its purpose is to ensure the security of the actual request.

CORS headers. The server responds with CORS headers, which determine which origin sites, HTTP methods, and headers are allowed in the actual request.

The actual request. If the preliminary check is successful, the browser proceeds to send the actual request with the relevant data.

Advantages of CORS

Safety. CORS ensures that sensitive data does not fall into the hands of malicious websites, thereby protecting the server and the client.

Flexibility. CORS allows developers to create dynamic and enriched websites through the safe use of resources of various origins.

Control. CORS determines which sites can interact with their owners’ servers and gives them a sense of control, allowing them to abandon thesingle origin restriction“.

Application of CORS

Downloading fonts. When fonts from different sources are needed for a web page, the correct installation of CORS headers is of great importance.

API calls. CORS provides security and authorization of interaction when a web application makes API calls to the server from another source.

Getting the data. The correct implementation of CORS is crucial for single-page applications (SPA) that receive data from various sources.

We use cookies to optimise website functionality and improve our services. To find out more, please read our Privacy Policy.
Cookies settings
Strictly necessary cookies
Analytics cookies